LWAPP over IPSEC

Unanswered Question
Dec 3rd, 2007
User Badges:

Hi All,


I am trying to get a LAP at my remote office to register back to my WLC at HQ,


Remote office is currently using tunnel VPN IPSEC over TCP.


Is that possible?


I tried this setup, but failed to work. Debug dhcp and debug lwapp on the WLC shows nothing at all. LAP at remote site seems unable to find its way back to WLC. I have configured option 43 as according to cisco documentation


PLz advice

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
jakew Mon, 12/03/2007 - 21:38
User Badges:
  • Silver, 250 points or more

I'm doing it in my home right now. You might try using the AP console cable to prime the AP instead of DHCP 43.

J_Vansen_S Mon, 12/03/2007 - 22:35
User Badges:

my Ap does not have a console port. I am using the Aironet 1030.


Thanks for the hints, but im still none the wiser. Would u mind explaining how u did it?

Richard Atkin Tue, 12/04/2007 - 01:32
User Badges:
  • Silver, 250 points or more

Presuming you don't have a DHCP / DNS Server in your Remote Office, take the AP in to the main office and provision it there. Configure the Primary WLC, but keep it configured to use DHCP.


Take it back to the remote office, plug it in and it should pickup a DHCP Address and have remembered the WLC IP Address, which it will try to conenct to.


Some possible problems are;


- Routing / Firewall / ACL restrictions between the sites.


- MTU limitations between the sites. MTU needs to be greater than 500 bytes. If this is happening, you should see Crypto errors on the WLC.

J_Vansen_S Tue, 12/04/2007 - 17:59
User Badges:

thank you for your advice, i shall look into the possible problems.


I was wondering if IPSEC over TCP is an issue for LWAPP? As i read on the cisco doc saying that LWAPP utilizes udp 12222 and 12223.


Plz advice

Actions

This Discussion

 

 

Trending Topics: Other Wireless Mobility

client could not be authenticated
Network Analysis Module (NAM) Products
Cisco 6500 nam
reason 440 driver failure
Cisco password cracker
Cisco Wireless mode